3 matches found
@228-fund/elysia-effect (=0.0.1), @228-fund/elysia-msgpack (>=0.0.1 <=0.0.3) +59 more potentially affected by CVE-2025-66457 via elysia (>=1.0.13 <=1.4.16)
elysia NPM version =1.0.13, =0.0.1, =0.1.0, =0.0.1, =0.1.0, =0.1.4, =0.1.0, =0.1.0, =1.0.0-next.4, =1.0.0, =0.0.1, =1.0.3, =1.1.0, =1.1.2 - @fangorn-network/fetch =2026.4.0-9.dev and more Source cves: CVE-2025-66457 Source advisory: SNYK:JS-ELYSIA-14287466...
PT-2023-29838 · Userback · Userback
Name of the Vulnerable Software and Affected Versions: Userback plugin versions 1.0.13 and earlier Description: The issue is a Cross-Site Request Forgery CSRF vulnerability. This means an attacker can trick a user into performing unintended actions on a web application that the user is...
CVE-2023-2402
The Photo Gallery Slideshow & Masonry Tiled Gallery plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the searchterm parameter in versions up to, and including, 1.0.13 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated...